1ec0a2a6f9f318919a5e3e811c39632cbfd130d7ce6d4001a02d645e8366ecd9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

extract_314.zip
Size

13.5MB
Sample

240113-ahtznagdhl
MD5

0a110f489867e80434a975df90645768
SHA1

d198f714b4fabab76d848a94ab204be9b5b6738b
SHA256

1ec0a2a6f9f318919a5e3e811c39632cbfd130d7ce6d4001a02d645e8366ecd9
SHA512

e9aed6832eea0dfb67b5a69527d245bd831b8f7081dce1ef7190f6891b93a2e96f8350ec2792ad7e524b4ffde48cd9549453207bac5d5b002ccecfd66d59ea00
SSDEEP

393216:5TH/ooj+7dV+qojofc3NmqfrOnRqySlhjZzw:Rfz97mAfjy

Score

7^/10

discovery link pdf

Malware Config

Targets

- Target
  
  GameExtractor.bat
- Size
  
  122B
- MD5
  
  17cee035c0b13f24afeea212d6ffe9bf
- SHA1
  
  672ded3b549f4238a223e34a90da46707b7ca53a
- SHA256
  
  e4a574b0766eaa32519d5f54f5d2b6500efd7217dd88e3dc388db3d91c959de3
- SHA512
  
  082a7b17bf47a04b2e3ece09746d13aa737d2a0af5962aac94d4f48ae18e37a57da774efecaea5935b4f5ad87dc31407eae881999195336334722b01550d04ca
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral1 behavioral2
- Target
  
  GameExtractor.exe
- Size
  
  172KB
- MD5
  
  fc61a05975c3e5ed62bf6306c89c7d28
- SHA1
  
  68895d44b445af421adfaff053dce86595ff53e6
- SHA256
  
  7ba751cbb76bec80a0c2230d89e23259e5293843ba0f53878ab39139ecc0d0e9
- SHA512
  
  2f415f135b4f05568c9e99f4dafb1757944c8803f832f193f9f5b61a500e720850ed8709c9139bc286253364d80f2375b93ef25325b110c479838e9df1bdeb9f
- SSDEEP
  
  1536:vZ2FWSNhd/4131iUiccx6Www27X4znB61MveFl3qKvIkbhRxSnhrb7dR62CtBHV2:B2ddQ131i6DWsuB6K41VLsh7dRNq1iN
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral3 behavioral4
- Target
  
  GameExtractor.jar
- Size
  
  5.9MB
- MD5
  
  4ede4f78065245b6c6521c749265fab5
- SHA1
  
  40e93159d177ae519d14448faa354b61e011cf46
- SHA256
  
  b236f5c4840c84b044c0e1dfbc3e0a7edff8a5d7f9732c4f523d7b0600d7af19
- SHA512
  
  ebbf40ebc40e5988bc903280c7fd2ba4284ce765e73b7f918c29e396e7029356c31c4956616b1e7fba2b6b9362fde23454b7adff371d43f554948cc140122552
- SSDEEP
  
  98304:jErBssfxJTRxYFH56KJFJ0Okoov7l8EyWQWzFc7NNxnRwdxQTayusHOhwVhbE:jEr6sfxh6Jn0oQMWRO7NNMHQTvusuhwY
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral5 behavioral6
- Target
  
  apache-commons-compress.jar
- Size
  
  617KB
- MD5
  
  3f7237fb56029591b5bdd2698c196220
- SHA1
  
  b8df472b31e1f17c232d2ad78ceb1c84e00c641b
- SHA256
  
  0aeb625c948c697ea7b205156e112363b59ed5e2551212cd4e460bdb72c7c06e
- SHA512
  
  5d3ce7ae4518c0fe5094b512c5c4825cc213ebc388e1e1e7692475406d5876c893140e5bbaaecb1676262a6b73c7250d40b83653cd03600815693474f92f0fa7
- SSDEEP
  
  12288:5c+UaUm1JmC3JE8IA9rrfjEW+BTiPZ3OjWekvYn1+EEHJUrsaK:5cD1m1JHK8IC/rEbTix32WekAn1+EEHR
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral7 behavioral8
- Target
  
  jiu.jar
- Size
  
  461KB
- MD5
  
  bf7a799dfb3b0e75fc6169e957596992
- SHA1
  
  18d7a39314243473fb8ad03ad65a0d443ca44d87
- SHA256
  
  294e6ccfb0127fb56c083632ffbb35e860dc746e2a3ca2d7c3ac08ff98a1dbcd
- SHA512
  
  c89b629ee826c3b6eeafe05760a3e7fc862271aceb11b7120d2bb9afa002f012a60c0340c77ee3d68c0ecbf358d306bac75903f2e217e4c5a2109981786e557f
- SSDEEP
  
  12288:BMiP+KsQ9hF4gnLaogWl45KUUDWM7fXo1XyDHJ:BnP5aEXgZ5nKWM7/oEDHJ
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral10 behavioral9
- Target
  
  jlayer.jar
- Size
  
  102KB
- MD5
  
  7b672b4badc89286055adcc810f47df8
- SHA1
  
  33c346fe3c5f75dfbfb477e1f3d8446427633890
- SHA256
  
  eabaa070e57a204d441cd9b20200f74c165c4dd9cfb9dbf37eeabb3b713c6fac
- SHA512
  
  68b8c7aa6093ab706447ea334e47e7bceae06c05b787eaeb9f29f53c906d6dacf53d4ae17b330c6d0eaf6d54ad9eaf5b1e79ef3ddd54b9ccaa7c093b78dd214c
- SSDEEP
  
  3072:42eYS3dK2djpLdl00XnhcaCsbjaOWSRWHKKuISci+D+:4V3drtrHqgRhfIS+S
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral11 behavioral12
- Target
  
  jna.jar
- Size
  
  1.6MB
- MD5
  
  3e1988240662c4f068e8ff5df505f6a0
- SHA1
  
  3551d8d827e54858214107541d3aff9c615cb615
- SHA256
  
  930273cc1c492f25661ea62413a6da3fd7f6e01bf1c4dcc0817fc8696a7b07ac
- SHA512
  
  a764620892a03cd07ced50a3257d86980ba454dbd908de506909bd0e8bf40438792a4ef472c19ba3806ded35cbbb96a18729c18d202971695ed0b8b15e0b604f
- SSDEEP
  
  49152:JYotMbp7v/Z7no5d1LvH7Saw91xMTzengRhYobt0XhznS:JYUMbtZonHOag1PgXdyhzS
Score

7^/10

discovery
- Loads dropped DLL
- Modifies file permissions
  discovery
behavioral13 behavioral14

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14